VYPR
Unrated severityOSV Advisory· Published Jul 30, 2024· Updated Mar 27, 2026

Langflow Privilege Escalation

CVE-2024-7297

Description

Langflow versions prior to 1.0.13 suffer from a Privilege Escalation vulnerability, allowing a remote and low privileged attacker to gain super admin privileges by performing a mass assignment request on the '/api/v1/users' endpoint.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Langflow AI/LangflowOSV2 versions
    v0.0.31, v0.0.69, v0.0.70, …+ 1 more
    • (no CPE)range: v0.0.31, v0.0.69, v0.0.70, …
    • (no CPE)range: <1.0.13

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.